I was generating a revocation certificate for the purpose of creating
some internal user documentation, and received a strange message from
GnuPG 1.2.1:
89$ gpg --gen-revoke -a korb at qisc.com > revoke.asc
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
*** stuff deleted ***
Revocation certificate created.
Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print system
of your machine might store the data and make it available to others!
So, who is Mallory, and why would I want to know this? Can we replace
this message with something a bit more informative (such as "This
certificate must now be imported into your key ring to complete the
revocation process" or something along those lines?
Thanks,
Bill
---
William Korb, President & CTO Phone: 715-382-5462
QISC, Inc. Fax: 715-382-5462
19945 82nd Ave., Suite 201 E-mail: korb at qisc.com
Chippewa Falls, WI 54729-5631 URL: http://www.qisc.com/
"Tilting at Digital Windmills since 1995."